拆分大文件

server-rs/crates/api-server/src/app.rs

@@ -30,7 +30,7 @@ use crate::{
         require_bearer_auth,
     },
     auth_me::auth_me,
-    auth_public_user::get_public_user_by_code,
+    auth_public_user::{get_public_user_by_code, get_public_user_by_id},
     auth_sessions::auth_sessions,
     big_fish::{
         create_big_fish_session, execute_big_fish_action, get_big_fish_run, get_big_fish_session,
@@ -159,6 +159,10 @@ pub fn build_router(state: AppState) -> Router {
             "/api/auth/public-users/by-code/{code}",
             get(get_public_user_by_code),
         )
+        .route(
+            "/api/auth/public-users/by-id/{user_id}",
+            get(get_public_user_by_id),
+        )
         .route(
             "/generated-character-drafts/{*path}",
             get(proxy_generated_character_drafts),
@@ -959,8 +963,10 @@ mod tests {
     use platform_auth::{
         AccessTokenClaims, AccessTokenClaimsInput, AuthProvider, BindingStatus, sign_access_token,
     };
+    use reqwest::Client;
     use serde_json::Value;
     use time::OffsetDateTime;
+    use tokio::net::TcpListener;
     use tower::ServiceExt;
 
     use crate::{config::AppConfig, state::AppState};
@@ -1018,7 +1024,7 @@ mod tests {
         assert_eq!(payload["ok"], Value::Bool(true));
         assert_eq!(
             payload["service"],
-            Value::String("genarrative-node-server".to_string())
+            Value::String("genarrative-api-server".to_string())
         );
     }
 
@@ -1052,7 +1058,7 @@ mod tests {
         assert_eq!(payload["ok"], Value::Bool(true));
         assert_eq!(
             payload["data"]["service"],
-            Value::String("genarrative-node-server".to_string())
+            Value::String("genarrative-api-server".to_string())
         );
         assert_eq!(
             payload["meta"]["requestId"],
@@ -2986,7 +2992,10 @@ mod tests {
             serde_json::from_slice(&body).expect("response body should be valid json");
 
         assert!(payload["token"].as_str().is_some());
-        assert_eq!(payload["admin"]["username"], Value::String("root".to_string()));
+        assert_eq!(
+            payload["admin"]["username"],
+            Value::String("root".to_string())
+        );
     }
 
     #[tokio::test]
@@ -3043,49 +3052,78 @@ mod tests {
     }
 
     #[tokio::test]
-    async fn admin_debug_http_can_probe_healthz() {
+    async fn admin_debug_http_can_probe_healthz_when_authenticated() {
         let mut config = AppConfig::default();
         config.admin_username = Some("root".to_string());
         config.admin_password = Some("secret123".to_string());
+        let listener = TcpListener::bind("127.0.0.1:0")
+            .await
+            .expect("listener should bind");
+        let local_addr = listener
+            .local_addr()
+            .expect("listener should expose local addr");
+        config.bind_host = "127.0.0.1".to_string();
+        config.bind_port = local_addr.port();
         let app = build_router(AppState::new(config).expect("state should build"));
+        let server = tokio::spawn(async move {
+            axum::serve(listener, app)
+                .await
+                .expect("test admin server should serve");
+        });
+        let http_client = Client::new();
+        let base_url = format!("http://{}", local_addr);
 
-        let login_response = app
-            .clone()
-            .oneshot(
-                Request::builder()
-                    .method("POST")
-                    .uri("/admin/api/login")
-                    .header("content-type", "application/json")
-                    .body(Body::from(
-                        serde_json::json!({
-                            "username": "root",
-                            "password": "secret123"
-                        })
-                        .to_string(),
-                    ))
-                    .expect("login request should build"),
-            )
+        let login_payload: Value = http_client
+            .post(format!("{base_url}/admin/api/login"))
+            .json(&serde_json::json!({
+                "username": "root",
+                "password": "secret123"
+            }))
+            .send()
             .await
-            .expect("login should succeed");
-        let login_body = login_response
-            .into_body()
-            .collect()
+            .expect("login request should succeed")
+            .json()
             .await
-            .expect("login body should collect")
-            .to_bytes();
-        let login_payload: Value =
-            serde_json::from_slice(&login_body).expect("login payload should be json");
+            .expect("login payload should be json");
         let access_token = login_payload["token"]
             .as_str()
             .expect("token should exist")
             .to_string();
 
+        let payload: Value = http_client
+            .post(format!("{base_url}/admin/api/debug/http"))
+            .bearer_auth(access_token)
+            .json(&serde_json::json!({
+                "method": "GET",
+                "path": "/healthz",
+                "headers": [],
+                "body": ""
+            }))
+            .send()
+            .await
+            .expect("debug request should succeed")
+            .json()
+            .await
+            .expect("debug payload should be json");
+
+        server.abort();
+        let _ = server.await;
+
+        assert_eq!(payload["status"], Value::Number(200.into()));
+    }
+
+    #[tokio::test]
+    async fn admin_debug_http_requires_authentication() {
+        let mut config = AppConfig::default();
+        config.admin_username = Some("root".to_string());
+        config.admin_password = Some("secret123".to_string());
+        let app = build_router(AppState::new(config).expect("state should build"));
+
         let debug_response = app
             .oneshot(
                 Request::builder()
                     .method("POST")
                     .uri("/admin/api/debug/http")
-                    .header("authorization", format!("Bearer {access_token}"))
                     .header("content-type", "application/json")
                     .body(Body::from(
                         serde_json::json!({
@@ -3101,16 +3139,6 @@ mod tests {
             .await
             .expect("debug request should succeed");
 
-        assert_eq!(debug_response.status(), StatusCode::OK);
-        let body = debug_response
-            .into_body()
-            .collect()
-            .await
-            .expect("debug body should collect")
-            .to_bytes();
-        let payload: Value =
-            serde_json::from_slice(&body).expect("debug payload should be json");
-
-        assert_eq!(payload["status"], Value::Number(200.into()));
+        assert_eq!(debug_response.status(), StatusCode::UNAUTHORIZED);
     }
 }